No Auto Generated Themes #65
Conversation
|
This looks good. It will need an update to pass the automated tests. |
grappler
force-pushed
the
feature/theme-review-sniffs
branch
2 times, most recently
from
563cd1d to
6671823
Compare
|
I have rebased the branch so that it is up to date with the latest code and this get's travis to run it's latest checks. To update the branch locally run |
|
The PR is ready for the final review. I have simplified the checks to only check for the names. When downloading the latest version of the generated themes I did not find the code that the check was looking for. These are not common words so there should not be any problem with false possitives. |
jrfnl
added
pr: needs update
pr: needs review
and removed
pr: needs review
pr: needs update
labels
| * @category PHP | ||
| * @package PHP_CodeSniffer | ||
| * @link https://make.wordpress.org/core/handbook/best-practices/coding-standards/ | ||
| */ |
There was a problem hiding this comment.
Please update the doc block to comply with the current standards.
| return; | ||
| } | ||
|
|
||
| $generated_themes = array( |
There was a problem hiding this comment.
This should be a class property, similar to the include/require sniff class property.
| 'wpthemegenerator', | ||
| ); | ||
|
|
||
| foreach ( $generated_themes as $generated_theme ) { |
There was a problem hiding this comment.
Similar to the favicon one, we could probably use a regex here, though as it's only four strings being sniffed for, it's not a breaking issue at the moment.
If/when the list gets longer, I would very much suggest changing it to a regex.
|
|
||
| foreach ( $generated_themes as $generated_theme ) { | ||
| if ( false !== strpos( strtolower( $token['content'] ), $generated_theme ) ) { | ||
| $phpcsFile->addError( 'Auto generated themes are not allowed in the theme directory.', $stackPtr, 'AutoGeneratedFound' ); |
There was a problem hiding this comment.
Maybe add a Found: %s to the error sentence ? Or is this left out on purpose ?
| // wpthemegenerator.com | ||
| /* | ||
| * @package templatetoaster | ||
| */ |
There was a problem hiding this comment.
As you are sniffing for both PHP as well as CSS, you will need a css example file too and deal with that in the unit test file.
| // TemplateToaster. | ||
| 'templatetoaster', | ||
| // WP Theme Generator. | ||
| 'wpthemegenerator', |
There was a problem hiding this comment.
Looks like the list has become a lot shorter than it originally was. Should the other snippets no longer be sniffed for ? How will they be dealt with ?
There was a problem hiding this comment.
I mentioned in the comment above:
When downloading the latest version of the generated themes I did not find the code that the check was looking for.
There was a problem hiding this comment.
Ah, I misread that comment before.
Still, serial theme builders often don't download a new version of base code for each theme (take TGMPA for example... sigh...), so should we may be still check for code from at least a few versions back ?
There was a problem hiding this comment.
I don't think this should be a big problem any more. This was a bigger problem a few years ago. As we have been blocking the generators spammers should know by no they are not allowed.
There was a problem hiding this comment.
You and the other members of the TRT are the better judge of that. I just wonder if relaxing the sniffs will not make some of them think "hang on, now we have a chance again...."
| @@ -0,0 +1,11 @@ | |||
|
|
|||
| <p>Lubith</p> | |||
|
|
|||
There was a problem hiding this comment.
Are these "real life" examples or made up examples ? I would very much prefer to see real life examples here to demonstrate what is being sniffed for and how.
Also, let's add some examples to make sure we don't get false positives.
|
We need to add https://pinegrow.com/wordpress-theme-builder.html to the list. |
|
@jrfnl I have made the requested changes. Thank you for pushing me use real world examples. Found a few bugs that way. Once I get the greenlight I can squash the commits. |
|
I have updated file doc block. Do you have any ideas for test data to make sure we do not get false positives. I can't think of any. The keywords are unique enough that normal users should not be using them. The only idea that I had was to split the keywords up so that they were normal words. e.g. |
Just some random thoughts on this:
Does that help ? |
| 2 => 1, | ||
| 3 => 1, | ||
| 6 => 1, | ||
| 6 => 1, |
There was a problem hiding this comment.
Looks like there is a duplicate line here
Issue #63 Verify that themes are not generated, by searching for strings contained in known auto generated packages.
|
Fixed the last bug. There is a chance for false positives if a theme uses any of the restricted words but the chances and reasons to do so it is very low. |
Issue #63
Verify that themes are not generated, by searching for strings contained in known auto generated packages.